Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          2Pfcwk5WTWz2zr5ipLlUSamDMjnFm9B6OfXpSKLPdzQ=
Subject key identifier:   43:17:11:B0:42:A5:83:B5:35:79:EB:17:5B:64:7C:F0:31:65:B5:3E
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       01976DABD93AA926E26BDFCE01664FEE7A65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          151F
Signing time:             Sat 14 Jun 2025 09:01:08 +0000
Manifest this update:     Sat 14 Jun 2025 09:01:08 +0000
Manifest next update:     Sun 15 Jun 2025 09:01:08 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: tf7KUHZCz4daUlnVEPJ1stUThyjogaXBXduNyudcGTI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 15 Jun 2025 01:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:6d:ab:d9:3a:a9:26:e2:6b:df:ce:01:66:4f:ee:7a:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: Jun 14 09:01:08 2025 GMT
            Not After : Jun 15 09:01:08 2025 GMT
        Subject: CN=431711b042a583b53579eb175b647cf03165b53e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:c6:83:8a:c2:eb:36:3f:6c:c0:2a:12:05:1b:
                    fd:f2:74:bc:77:58:a5:d7:54:1c:e8:49:83:c6:18:
                    71:a3:83:d1:14:89:53:de:bd:e1:83:cc:c5:b7:ac:
                    a1:37:0b:22:48:2a:9e:7b:e2:5a:5e:cd:ec:7b:84:
                    d9:b1:0e:b5:fa:7e:58:c0:de:b2:11:34:40:1b:dc:
                    5d:33:71:52:04:58:7a:1f:b6:33:c1:a5:5a:46:6b:
                    1a:41:01:d1:15:9e:2b:78:8f:f7:63:37:0f:1c:9d:
                    19:69:2f:d4:d1:46:34:36:bf:83:69:66:c8:53:c3:
                    83:8f:b4:56:8e:ab:e9:33:72:d1:5e:03:55:a5:9f:
                    63:32:74:d9:7b:2d:9f:d5:04:3a:a8:72:15:98:a4:
                    ff:cf:22:52:5b:14:67:8b:59:d2:28:f7:16:69:e6:
                    c2:fd:1c:74:0d:14:cf:5a:a5:fc:54:66:6f:69:f5:
                    d2:bc:0d:61:86:83:ac:78:fd:3e:39:ce:aa:a8:3c:
                    ac:d9:d2:45:a7:49:23:27:ed:78:19:05:0a:c8:20:
                    4c:3f:c0:5e:be:53:37:1b:0e:34:19:82:07:43:b0:
                    d2:ef:e3:5a:7f:81:43:74:1b:e0:2b:32:18:65:66:
                    03:40:36:d8:dc:7a:45:fe:13:24:a0:5a:07:ac:15:
                    92:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:17:11:B0:42:A5:83:B5:35:79:EB:17:5B:64:7C:F0:31:65:B5:3E
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:af:ff:6d:4c:85:82:02:e5:77:66:a9:fc:f8:fc:6c:65:16:
         b5:8f:00:28:54:78:ea:75:01:9c:94:9b:b8:eb:df:2d:9f:9b:
         81:0f:40:e5:20:c9:7f:4c:c4:88:99:8b:fd:26:9b:26:55:b3:
         2d:b1:ea:2b:57:e5:9f:7f:bb:1e:2d:d1:48:cf:90:97:4b:16:
         94:a4:66:2a:4f:54:3d:05:e4:6e:49:4d:cc:c3:af:22:40:53:
         ed:03:a9:b0:50:ab:c6:50:23:24:e1:ae:25:09:19:dd:7d:80:
         9c:0f:ac:ba:76:b0:88:5d:09:cb:d9:e2:d0:81:8a:84:2b:e2:
         dc:47:18:8a:25:81:5e:57:ea:15:03:ad:03:63:61:55:73:8f:
         8d:33:0b:3c:a1:b8:95:ca:16:4e:35:31:c6:f0:6b:f4:ba:5b:
         a8:37:cf:33:06:5e:72:88:d8:da:0b:80:f3:98:9f:58:6e:cb:
         49:36:5c:9c:7a:9c:64:3d:55:3f:17:8f:ab:6d:51:13:32:6f:
         30:cb:99:16:d4:df:f0:5f:e6:ae:d1:b3:b4:e9:f9:2a:5a:54:
         39:95:27:97:f3:79:21:43:3f:2d:d1:87:c8:47:f5:b8:d3:1f:
         ab:b8:58:1a:12:78:73:c9:9b:c8:1b:3c:9d:8c:de:91:81:dc:
         98:84:e3:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdtq9k6qSbia9/OAWZP7nplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjUwNjE0MDkwMTA4WhcNMjUwNjE1MDkwMTA4WjAzMTEwLwYDVQQD
Eyg0MzE3MTFiMDQyYTU4M2I1MzU3OWViMTc1YjY0N2NmMDMxNjViNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMaDisLrNj9swCoSBRv98nS8d1il
11Qc6EmDxhhxo4PRFIlT3r3hg8zFt6yhNwsiSCqee+JaXs3se4TZsQ61+n5YwN6y
ETRAG9xdM3FSBFh6H7YzwaVaRmsaQQHRFZ4reI/3YzcPHJ0ZaS/U0UY0Nr+DaWbI
U8ODj7RWjqvpM3LRXgNVpZ9jMnTZey2f1QQ6qHIVmKT/zyJSWxRni1nSKPcWaebC
/Rx0DRTPWqX8VGZvafXSvA1hhoOseP0+Oc6qqDys2dJFp0kjJ+14GQUKyCBMP8Be
vlM3Gw40GYIHQ7DS7+Naf4FDdBvgKzIYZWYDQDbY3HpF/hMkoFoHrBWSPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMXEbBCpYO1NXnrF1tkfPAxZbU+MB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgq//bUyF
ggLld2ap/Pj8bGUWtY8AKFR46nUBnJSbuOvfLZ+bgQ9A5SDJf0zEiJmL/SabJlWz
LbHqK1fln3+7Hi3RSM+Ql0sWlKRmKk9UPQXkbklNzMOvIkBT7QOpsFCrxlAjJOGu
JQkZ3X2AnA+sunawiF0Jy9ni0IGKhCvi3EcYiiWBXlfqFQOtA2NhVXOPjTMLPKG4
lcoWTjUxxvBr9LpbqDfPMwZecojY2guA85ifWG7LSTZcnHqcZD1VPxePq21REzJv
MMuZFtTf8F/mrtGztOn5KlpUOZUnl/N5IUM/LdGHyEf1uNMfq7hYGhJ4c8mbyBs8
nYzekYHcmITjYg==
-----END CERTIFICATE-----